Trust Assessment
slack received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Broad Read/Write Access to Slack Channels.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 18, 2026 (commit b62bd290). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Broad Read/Write Access to Slack Channels The `slack` skill grants the agent broad capabilities including `readMessages`, `sendMessage`, `editMessage`, and `deleteMessage`. Specifically, `readMessages` allows the agent to retrieve content from any Slack channel the bot has access to. When combined with `sendMessage`, this creates a potential data exfiltration vector where sensitive information could be read from one channel and then sent to an unauthorized destination. While these are core functionalities of a Slack integration, the broad scope of access requires careful consideration of the agent's trust level and the channels it can access. Implement strict access controls for the bot's Slack token, limiting its permissions to only necessary channels and message types. Ensure the agent's instructions are carefully vetted to prevent unauthorized data access or exfiltration. Consider implementing a human-in-the-loop approval process for sensitive actions or data transfers. | LLM | SKILL.md:59 |
Scan History
Embed Code
[](https://skillshield.io/report/864c3b1ac6088571)
Powered by SkillShield